diff options
| author |   Jason A. Donenfeld <Jason@zx2c4.com> | 2017-07-10 02:33:57 +0200 |
|---|---|---|
| committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2017-07-20 03:37:39 +0200 |
| commit | c5cb79b6f630f7d83b3f701385e162c6a82d5939 (patch) | |
| tree | 349911b190d18f31503f929d0893dccf19434051 /src | |
| parent | selftests: ensure that there isnt CPU lag when testing rate limiter (diff) | |
| download | wireguard-monolithic-historical-c5cb79b6f630f7d83b3f701385e162c6a82d5939.tar.xz wireguard-monolithic-historical-c5cb79b6f630f7d83b3f701385e162c6a82d5939.zip | |
send: orphan skbs when buffering longterm
Otherwise we quickly use up all of a socket's memory, which prevents a
socket from sending packets to other interfaces. This also has the nice
effect of letting TCP connections continue to attempt to begin, with the
older ones being naturally rotated out and freed, so when a connection
finally is made, only the later TCP connections are attempted, not the
ones that would already have timed out.
Diffstat (limited to 'src')
| -rw-r--r-- | src/send.c | 8 |
1 files changed, 7 insertions, 1 deletions
@@ -147,6 +147,7 @@ void packet_create_data_done(struct sk_buff_head *queue, struct wireguard_peer * void packet_send_queue(struct wireguard_peer *peer) { struct sk_buff_head queue; + struct sk_buff *skb; peer->need_resend_queue = false; @@ -180,7 +181,12 @@ void packet_send_queue(struct wireguard_peer *peer) break; case -ENOKEY: /* ENOKEY means that we don't have a valid session for the peer, which - * means we should initiate a session, but after requeuing like above. */ + * means we should initiate a session, but after requeuing like above. + * Since we'll be queuing these up for potentially a little while, we + * first make sure they're no longer using up a socket's write buffer. */ + + skb_queue_walk (&queue, skb) + skb_orphan(skb); spin_lock_bh(&peer->tx_packet_queue.lock); skb_queue_splice(&queue, &peer->tx_packet_queue); |